CLAIMS 



1. A method of providing automated document retention for electronic
documents, said method comprising:

obtaining an electronic document; 

assigning a document retention policy to the electronic document, the 
document retention policy being based on a recurring cut-off retention schedule; and 

cryptographically imposing the document retention policy on the electronic
document.

2. A method as recited in claim 1, wherein said method further comprises:

subsequently determining whether a document retention period for the 
electronic document has been exceeded; and 

cryptographically preventing access to the electronic document in accordance
with the document retention policy when the document retention period for the
electronic document has been exceeded.

3. A method as recited in claim 1,

wherein said imposing operates to utilize a cryptographic key to impose the
document retention policy, and

wherein the document retention policy specifies a document retention period 
and a cut-off period. 

4. A method as recited in claim 3, wherein the document retention policy
specifies a document retention period that expires a predetermined period of time
after the cut-off period.

5. A method as recited in claim 3, wherein the cut-off period corresponds to a
maximum off-line period of a client.

6. A method as recited in claim 1, wherein said imposing comprises acquiring a
cryptographic key from a server over a network, the cryptographic key being used to
impose the document retention policy.

7. A method as recited in claim 6, wherein said method further comprises: 

determining whether the document retention period has expired; and 

deactivating the cryptographic key when said determining determines that the
document retention period has expired, thereby preventing further access to the
electronic document.

8. A method as recited in claim 7, 

wherein said imposing operates to utilize a cryptographic key to impose the
document retention policy, and

wherein the document retention policy specifies a document retention period 
and a cut-off period. 

9. A method as recited in claim 8, wherein the document retention policy
specifies a document retention period that expires a predetermined period of time
after the cut-off period.

10. A method for periodically providing document retention keys to clients of a
document retention system via a network, said method comprising:

determining whether a cut-off period for a current or prior document retention 
key has been reached; 

generating a next document retention key to be used to encrypt electronic
documents during a next cut-off period, the next document retention key having a 
document retention period associated therewith; and 

notifying any of the clients that are connected to the network of the next 
document retention key. 

11. A method as recited in claim 10, wherein said method further comprises: 

subsequently determining whether the prior document retention key is to be 
deactivated based on the document retention period; and 

deactivating the prior document retention key when said determining 
determines that the prior document retention key is to be deactivated. 

12. A method as recited in claim 11, wherein the document retention period is a
predetermined duration of time following the end of the next cut-off period. 

13. A method for restricting access to an electronic document, said method 
comprising: 

identifying an electronic document to be secured, the electronic document 
having at least a data portion that contains data; 

obtaining a document key; 

encrypting the data portion of the electronic document using the document 
key to produce an encrypted data portion; 

obtaining a retention access key, the retention access key being used to 
enforce a document retention policy on the electronic document; 

encrypting the document key using the retention access key to produce an 
encrypted document key, the retention access key only being usable for said 
encrypting during a cut-off period; 

forming a secured electronic document from at least the encrypted data 
portion and the encrypted document key; and 

storing the secured electronic document.

14. A method as recited in claim 13, wherein the retention access key is a public 
retention access key. 

15. A method as recited in claim 13, wherein the document retention policy 
specifies a document retention period that expires a predetermined period of time 
after the cut-off period. 

16. A method for accessing a secured electronic document by a requestor, the
secured electronic document having at least a header portion and a data portion, 
said method comprising: 

obtaining a retention access key, the retention access key being used to
enforce a document retention period of a document retention policy on the electronic
document, the retention access key being usable only during the document retention
period following a cut-off period;

obtaining an encrypted document key from the header portion of the secured 
electronic document;

decrypting the encrypted document key using the retention access key to
produce a document key;

decrypting an encrypted data portion of the secured electronic document 
using the document key to produce a data portion; and 

supplying the data portion to the requestor. 

17. A method as recited in claim 16, wherein the retention access key is identified
by an indicator within a header portion of the secured electronic document. 

18. A method as recited in claim 16, wherein the retention access key is a private 
retention access key. 

19. A method as recited in claim 16, wherein, if permitted, said obtaining obtains
the retention access key being obtained from a server. 

20. A method as recited in claim 16, wherein the document retention period is a
predetermined period of time after the occurrence of the cut-off period. 

21. A computer readable medium including at least computer program code for
providing automated document retention for electronic documents, said computer
readable medium comprising:

computer program code for obtaining an electronic document; 

computer program code for assigning a document retention policy to the
electronic document, the document retention policy being based on a recurring
cut-off retention schedule; and

computer program code for cryptographically imposing the document
retention policy on the electronic document.

22. A computer readable medium as recited in claim 21, wherein said computer
readable medium further comprises:

computer program code for subsequently determining whether a document
retention period for the electronic document has been exceeded; and

computer program code for cryptographically preventing access to the 
electronic document in accordance with the document retention policy when the 
document retention period for the electronic document has been exceeded. 

23. A computer readable medium as recited in claim 21,

wherein said computer program code for cryptographically imposing operates 
to utilize a cryptographic key to impose the document retention policy, and 

wherein the document retention policy specifies a document retention period
and a cut-off period.

24. A computer readable medium as recited in claim 23, wherein the document
retention policy specifies a document retention period that expires a predetermined
period of time after the cut-off period.

25. A file security system for restricting access to electronic files, said file security 
system comprising: 

a key store that stores a plurality of cryptographic key pairs, each of the
cryptographic key pairs including a public key and a private key, at least one of the
cryptographic key pairs pertaining to a retention policy, the retention policy having a
document retention period and a cut-off period; and

an access manager operatively connected to said key store, said access
manager makes available, for each of the cut-off periods, a different one of the public
keys of the at least one of the cryptographic key pairs, and said access manager
determines whether the private key of the at least one of the cryptographic key pairs
pertaining to the retention policy is permitted to be provided to a requestor based on
whether the document retention period following the cut-off period has expired,

wherein the requestor requires the private key of the at least one of the
cryptographic key pairs pertaining to the retention policy to access a secured
electronic file, and wherein the secured electronic file was previously secured using
the public key of the at least one of the cryptographic key pairs pertaining to the
retention policy, and at the time the electronic file was so secured, the public key
was within the cut-off period and available for use.
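
The key handling recited in claims 13, 16 and 25 can be illustrated with the following sketch, which is added here as an example and is not part of the claims or of any implementation by the applicant. It covers only the wrapping of the document key and the decision to release or deactivate a retention key; the data-portion encryption is omitted. The class and function names, the 30-day cut-off, the one-year retention period, the schedule start date and the symmetric HMAC-based wrap (standing in for the public/private key pair) are all assumptions.

```python
import hashlib, hmac, secrets
from datetime import datetime, timedelta, timezone
# Assumed schedule values (not from the claims): 30-day cut-off, 1-year retention.
CUTOFF = timedelta(days=30)
RETENTION = timedelta(days=365)
EPOCH = datetime(2024, 1, 1, tzinfo=timezone.utc)

class RetentionKeyStore:
    """Hypothetical key store plus access manager; all names are illustrative."""
    def __init__(self):
        self._keys = {}  # cut-off period index -> retention access key

    @staticmethod
    def period_of(now):
        return (now - EPOCH) // CUTOFF  # index of the recurring cut-off period

    @staticmethod
    def expiry_of(period):
        # Retention runs for RETENTION after the END of the cut-off period.
        return EPOCH + (period + 1) * CUTOFF + RETENTION

    def key_for_encrypt(self, now):
        # Only the current period's key is handed out for securing documents.
        period = self.period_of(now)
        return period, self._keys.setdefault(period, secrets.token_bytes(32))

    def key_for_access(self, period, now):
        # Release the key only while the retention period is still running.
        if now >= self.expiry_of(period):
            self._keys.pop(period, None)  # deactivate: key material is dropped
            return None
        return self._keys.get(period)

def _wrap(retention_key, nonce, key32):
    # Stand-in for real key wrapping: XOR with an HMAC-SHA256 pad (self-inverse).
    pad = hmac.new(retention_key, nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(key32, pad))

def secure(store, doc_key, now):
    """Build the header of a secured document: period indicator + wrapped key."""
    period, rkey = store.key_for_encrypt(now)
    nonce = secrets.token_bytes(16)
    return {"period": period, "nonce": nonce,
            "enc_doc_key": _wrap(rkey, nonce, doc_key)}

def recover_doc_key(store, header, now):
    """Return the document key, or None once the retention key is deactivated."""
    rkey = store.key_for_access(header["period"], now)
    return None if rkey is None else _wrap(rkey, header["nonce"], header["enc_doc_key"])
```

Once the retention key for a period has been dropped, every document whose header names that period becomes unreadable without touching the documents themselves.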